NomadMemory.au3

[hendrikhe]

I put NomadMemory.au3 in my Include foulder (C:\Programme\AutoIt3\Include) but still error

C:\Programme\AutoIt3\beta\Include\NomadMemory.au3(232,41) : ERROR: $SE_PRIVILEGE_ENABLED previously declared as a 'Const'

Const $SE_PRIVILEGE_ENABLED = 0x0002

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^

C:\Programme\AutoIt3\MyScripts\pointer.au3 - 1 error(s), 0 warning(s)

CODE

include <GUIConstants.au3>

#include <GUIListBox.au3>

#include <Misc.au3>

#include <Array.au3>

#include <NomadMemory.au3>

sleep(25000)

Global $Pointer=0x07F70778

Global $Offset=0x000004B4

Global $ID

Func _FindNewAddress(ByRef $P,ByRef $OSet)

$ID=_MemoryOpen(0x7F7223C)

$New_Address=_MemoryRead($P,$ID) +$OSet

_MemoryClose($ID)

Return $New_Address

EndFunc

Func _RefillMoney()

$ID=_MemoryOpen(0x7F7223C)

$Address=_FindNewAddress($Pointer,$Offset)

$MaxMoney=_MemoryRead($Address,$ID)

sleep(5000)

MsgBox(0,"Value", $MaxMoney)

_MemoryClose($ID)

EndFunc

While 1

_RefillMoney()

Sleep(1000)

WEnd

_MemoryClose($ID)

How can I fix it?

Edited April 23, 2008 by hendrikhe

[ProgAndy]

Change line 232 (Const $SE_PRIVILEGE_ENABLED = 0x0002) to

If Not IsDeclared("SE_PRIVILEGE_ENABLED") THen Const $SE_PRIVILEGE_ENABLED = 0x0002

or comment it out

[hendrikhe]

Thnx it works now.

I changed my code a bit and I need to know if it is right.

The game is called Rappelz but the process is Sframe.exe.

I am not sure if I am reading the right memory, cause the message box always show Value : 0

CODE

#include <GUIConstants.au3>

#include <GUIListBox.au3>

#include <Misc.au3>

#include <Array.au3>

#include <NomadMemory.au3>

sleep(5000)

Global $Pointer=0x07F607A8

Global $Offset=0x000004B4

Global $ID

Func _FindNewAddress(ByRef $P,ByRef $OSet)

$ID=_MemoryOpen(ProcessExists("SFrame.exe"))

$New_Address=_MemoryRead($P,$ID) +$OSet

_MemoryClose($ID)

Return $New_Address

EndFunc

Func _RefillMoney()

$ID=_MemoryOpen(ProcessExists("SFrame.exe"))

$Address=_FindNewAddress($Pointer,$Offset)

$MaxMoney=_MemoryRead($Address,$ID)

sleep(5000)

MsgBox(0,"Value", $MaxMoney)

_MemoryClose($ID)

EndFunc

While 1

_RefillMoney()

Sleep(1000)

WEnd

_MemoryClose($ID)

[martin]

Change line 232 (Const $SE_PRIVILEGE_ENABLED = 0x0002) to

If Not IsDeclared("SE_PRIVILEGE_ENABLED") THen Const $SE_PRIVILEGE_ENABLED = 0x0002

or comment it out

If Not IsDeclared("SE_PRIVILEGE_ENABLED") THen Const $SE_PRIVILEGE_ENABLED = 0x0002

I think you will find that if $SE_PRIVEGE_ENABLE is already defined then you will still get the same error.

The only way I know round it is

If Not IsDeclared("SE_PRIVILEGE_ENABLED") Then Assign("SE_PRIVILEGE_ENABLED",0x0002,2)

[hendrikhe]

And my code is correct?

Cause even trying with the currently address (without pointer) I still get Value : 0 in Message box

#include <GUIConstants.au3>

#include <GUIListBox.au3>

#include <Misc.au3>

#include <Array.au3>

#include <NomadMemory.au3>

$ID=_MemoryOpen(ProcessExists("SFrame.exe"))

$Address=0x0826893C

$CurrentGold=_MemoryRead($Address,$ID)

sleep(5000)

MsgBox(0,"Value", $CurrentGold)

_MemoryClose($ID)

Edited April 23, 2008 by hendrikhe

[Neocortex]

Hai!

If i execute the following script it should display the available minerals from starcraft by a MsgBox.

Line 10 returns with @Error = 0, i think its works fine

Line 24's _MemoryRead should return with 64, but it is 0.

Line 25 @Error is also 0.

What's wrong with it?

(Sorry for bad english)

[Inverted]

Can you try this, it works for me, change the process name and address accordingly :

$progname = "Memory reading"

$target_pid = ProcessExists ( "calc.exe" )
If $target_pid=0 Then 
    MsgBox (16, $progname, "Process not found !")
    Exit
EndIf

$Nomad_struct = _MemoryOpen($target_pid)
If Not @error=0 Then
    MsgBox (16, $progname, "Process could not be opened !")
    Exit
EndIf

MsgBox(4096, $progname, Hex(_MemoryRead(0x401000,$Nomad_struct)))

Edited May 20, 2009 by Inverted

[Neocortex]

Can you try this, it works for me, change the process name and address accordingly :

$progname = "Memory reading"

$target_pid = ProcessExists ( "calc.exe" )
If $target_pid=0 Then 
    MsgBox (16, $progname, "Process not found !")
    Exit
EndIf

$Nomad_struct = _MemoryOpen($target_pid)
If Not @error=0 Then
    MsgBox (16, $progname, "Process could not be opened !")
    Exit
EndIf

MsgBox(4096, $progname, Hex(_MemoryRead(0x401000,$Nomad_struct)))

No luck

Memory reading: 00000000

[Inverted]

I only get 00 if I'm reading from empty/unallocated memory. Try with a simple process like Calculator (calc.exe)

Because that code I posted is working ! Heh.

If you still can't get it to work, maybe you have an old version of the .au3 , I can post mine to be sure.

[Neocortex]

I tried it with calc and starcraft too, it does the same result with both. Can you post your NomadMemory.au3 please?

[Inverted]

Here is the version I use, test with this.

I can read and write to processes just fine, can't think of what could be wrong in your setup.

NomadMemory.zip

Edited May 20, 2009 by Inverted

[Neocortex]

Nothing changed... strange. Maybe something wrong with my environment, can you post your compiled exe too, to let me check it please?

Edited May 20, 2009 by Lazarushun

[Inverted]

This works for me, input any process name and any address in hex :

http://www.sendspace.com/file/zoh720

(I posted something and deleted my previous post, hope you didn't download that, it wasn't working, this is)

Edited May 20, 2009 by Inverted

[Neocortex]

Thanks. Tried it on WinXP and Vista too. The result was the same on both:

Momory reading: 00000000

Maybe some dependency missing? dll, .net framework or something blocks memory reading? I can read everything with Cheat Engine, so i don't know wtf is going on :/

[Inverted]

What the heck, strange. I tested it on XP and my Vista virtual machine. Are you using an antivirus or something ? AutoIt doesn't have any dependencies asaik.

Try to test on another PC if possible. Anyone reading this, test also please !

Edited May 20, 2009 by Inverted

[Neocortex]

Tried on other computer, no change. However it is contains completely the same hardwares as mine. I'll try it on a different one soon.

[Inverted]

It would be helpful if someone else could test ...

You just need a memory editor or a debugger to validate the addresses/values.

[Neocortex]

Tried on the 3rd computer, it's not working. Im going try different methods then NomadMemory.au3, i'll report back if i find a working solution Thanks for the help anyway!

[Neocortex]

Man... this is working.

#include <NomadMemory.au3>

$process = _MemoryOpen(ProcessExists("NG.exe"))
If @Error == 0 then
MsgBox(0,"","Successful open")
elseif @Error == 1 then
MsgBox(0,"","Invalid Process ID.")
elseif @Error == 2 then
MsgBox(0,"","Failed to open Kernel32.dll.")
elseif @Error == 3 then
MsgBox(0,"","Failed to open the specified process.")
endif

_MemoryWrite(0x00DD1FA0, $process, 50)
MsgBox(0,"","Write Error:"& @Error)

MsgBox(0,"",_MemoryRead(0x00DD1FA0, $process))
MsgBox(0,"","Read Error:"& @Error)

_MemoryClose($process)

Starcraft's memory probably locked, i tried it on a noname game and it works perfectly.

p.s: Your script is also good, i just tested it on an over-protected application.

[FreeFry]

You guys sure that you're using static addresses?

Otherwise read up on DMA, and find some tuts on how to 'counter' it.

Otherwise, if you're using static - ie. 'green', addresses then make sure that you're using module-relative addresses rather than absolute addresses and offsets.

In other words, make sure that you're taking the allocation base of the modules into account:

Find what module the address you want to read from is located inside(such as game.exe+123), then use this function to resolve the allocation base of the module into an address:

expandcollapse popup

Dim $SomeAddress = _ProcessGetModuleBase("calc.exe", "calc.exe")+123; Get the address calc.exe is allocated at and add the offset to the returned address.
; Read from $SomeAddress or something below - as long as the address you first of all specified

Func _ProcessGetModuleBase($ivPID, $svModuleName)
    $ivPID = ProcessExists($ivPID)
    If Not $ivPID Then Return(SetError(1, 0, 0)); Process does not exist
    
    Local Const $TH32CS_SNAPMODULE = 0x00000008
    Local Const $sMODULEENTRY32Struct = "dword Size;" & _
                            "dword 32ModuleID;" & _
                            "dword 32ProcessID;" & _
                            "dword GlblcntUsage;" & _
                            "dword ProccntUsage;" & _
                            "ptr modBaseAddr;" & _; <---- hmm ?
                            "dword modBaseSize;" & _
                            "hwnd hModule;" & _
                            "char Module[255];" & _
                            "char ExePath[260]"
    
    Local $hvSnapShot = DllCall("Kernel32.dll", "hwnd", "CreateToolhelp32Snapshot", "dword", $TH32CS_SNAPMODULE, "dword", $ivPID)
    If Not $hvSnapShot[0] Then Return(SetError(2, 0, 0)); Could not create snapshot?

    Local $stMODULEENTRY32 = DllStructCreate($sMODULEENTRY32Struct)
    DllStructSetData($stMODULEENTRY32, "Size", DllStructGetSize($stMODULEENTRY32))

    Local $ivState = DllCall("Kernel32.dll", "int", "Module32First", "hwnd", $hvSnapShot[0], "long_ptr", DllStructGetPtr($stMODULEENTRY32))
    If Not $ivState[0] Then Return(SetError(3, _WinAPI_CloseHandle($hvSnapShot[0]), 0)); Could not enumerate first module in list?
    Local $ivRet = 0
    Local $svModule
    
    Do
        $ivRet = DllStructGetData($stMODULEENTRY32, "modBaseAddr")
        $svModule = DllStructGetData($stMODULEENTRY32, "Module")
        If $svModule = $svModuleName Then ExitLoop
        $ivState = DllCall("Kernel32.dll", "int", "Module32Next", "hwnd", $hvSnapShot[0], "long_ptr", DllStructGetPtr($stMODULEENTRY32))
        Sleep(1)
    Until Not $ivState[0]
    
    DllCall("Kernel32.dll", "int", "CloseHandle", "int", $hvSnapShot[0])
    
    Return $ivRet
EndFunc

I hope that made sense.